AVR32 - FlashVault Basic Example Documentation
This is the documentation for the Secure State basic example of usage.
The Secure State allows execution of secure or secret code alongside 3rd-party code on the same processor. The secret code will execute in the secure state, and therefore be protected from hacking or readout by the 3rd-party code.
Recommended reading: the Secure State chapter in the AVR32 UC Technical Reference manual.
A 3rd-party application accesses public API functions exposed by the FlashVault.
This 3rd-party application also configures and handles the COUNT/COMPARE match interrupt.
The purpose of this example is to show that no matter when this interrupt occurs (whether while executing code in the FlashVault or in the 3rd-party application) it will safely be handled by the interrupt handler of the 3rd-party code. This is happening because the FlashVault implementation temporarily switches back to the 3rd-party code if an interrupt occurs while the execution is in the FlashVault.
Visual behavior:
- the 3rd-party application forever toggles LED1
- when a COUNT/COMPARE match interrupt occurs, LED0 toggles (use an oscilloscope to see the toggling because the interrupt occurs so often that LED0 appears to be steady on)
- Every time a COUNT/COMPARE match interrupt occurs while the execution is in the FlashVault, LED2 is toggled.
- thirdparty_app.c: the 3rd-party application that accesses the FlashVault public API and handles the COUNT/COMPARE match interrupt.
- thirdparty_crt0.S: the 3rd-party C runtime startup assembly file (GCC)
- flashvault.S: contains the Secure world source code (boot process, SSCALL handling to public API functions, interrupt handler, public API functions)
- flashvault.h: FlashVault public API accessible by a third-party application
- link_uc3l064.lds: custom linker script to separate the FlashVault area and the 3rd-party application area
This software was written for the GCC for AVR32. Other compilers may or may not work.
This example has been tested with the following configuration:
- STK600+RCUC3L0 routing card; AT32UC3L-EK
- CPU clock: default (i.e. on RCOsc);
- For the STK600+RCUC3L0 setup, apply the following connections:
- STK600.PORTA.PA4 -> STK600.LEDS.LED0
- STK600.PORTA.PA5 -> STK600.LEDS.LED1
- STK600.PORTA.PA6 -> STK600.LEDS.LED2
- STK600.PORTA.PA7 -> STK600.LEDS.LED3
This is a step-by-step description of the steps to follow to load the code and enable the FlashVault:
- avr32program chiperase : erase the flash and the gp fuses
- avr32program erase -o -finternal@0x80000000,64kB : erase the user page
- avr32program -pavrone program uc3l064-basic_flashvault_example.elf -euv -finternal@0x80000000,64kB : program the code
- avr32program -pavrone writefuses -finternal@0x80000000,64kB gp=0xFFEFFFFF : set the SECURE fuses to SS on/SSD off
OR
avr32program -pavrone writefuses -finternal@0x80000000,64kB gp=0xFFDFFFFF : set the SECURE fuses to SS on/SSD on - reset the target to start the show.
For further information, visit
Atmel AVR32.
Support and FAQ:
http://support.atmel.no/